From owner-freebsd-security Mon Sep 25 19:11:48 2000 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id D65DB37B622; Mon, 25 Sep 2000 19:11:05 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id TAA90248; Mon, 25 Sep 2000 19:11:05 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Mon, 25 Sep 2000 19:11:05 -0700 (PDT) From: Kris Kennaway To: Sam Wun Cc: "'freebsd-security@freebsd.org'" Subject: Re: IPsec block my ssh remote login. In-Reply-To: <39D0060C.230D7658@eSec.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 26 Sep 2000, Sam Wun wrote: > This makes much more sense now. Thanks > Another question is, do I need to setup ipsec in rc.conf file like ipfilter just > for convinently setting the IPSEC up when the machine in the booting stage? If > so, I will need to modify the rc.network to reflect the change? rc.conf includes the option: ipsec_file="/etc/ipsec.conf" # Name of config file for setkey which does the obvious thing. You may also like to enable other rc.conf options. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message